diff --git a/src/java/com/threerings/presents/dobj/AccessController.java b/src/java/com/threerings/presents/dobj/AccessController.java new file mode 100644 index 000000000..be40c3285 --- /dev/null +++ b/src/java/com/threerings/presents/dobj/AccessController.java @@ -0,0 +1,25 @@ +// +// $Id: AccessController.java,v 1.1 2002/03/20 03:19:51 mdb Exp $ + +package com.threerings.presents.dobj; + +/** + * Used to validate distributed object subscription requests and event + * dispatches. + * + * @see DObject#setAccessController + */ +public interface AccessController +{ + /** + * Should return true if the supplied subscriber is allowed to + * subscribe to the specified object. + */ + public boolean allowSubscribe (DObject object, Subscriber subscriber); + + /** + * Should return true if the supplied event is legal for dispatch on + * the specified distributed object. + */ + public boolean allowDispatch (DObject object, DEvent event); +} diff --git a/src/java/com/threerings/presents/dobj/DEvent.java b/src/java/com/threerings/presents/dobj/DEvent.java index a77e32ce7..d4afda6f0 100644 --- a/src/java/com/threerings/presents/dobj/DEvent.java +++ b/src/java/com/threerings/presents/dobj/DEvent.java @@ -1,5 +1,5 @@ // -// $Id: DEvent.java,v 1.8 2001/11/18 04:27:56 mdb Exp $ +// $Id: DEvent.java,v 1.9 2002/03/20 03:19:51 mdb Exp $ package com.threerings.presents.dobj; @@ -36,8 +36,11 @@ public abstract class DEvent throws ObjectAccessException; /** - * Returns the object id of the client that generated this event. This - * will only be valid on the server, it will return -1 otherwise. + * Returns the object id of the client that generated this event. If + * the event was generated by the server, the value returned will be + * -1. This is not valid on the client, it will return -1 for all + * events there (it is primarily provided to allow for event-level + * access control). */ public int getSourceOid () { diff --git a/src/java/com/threerings/presents/dobj/DObject.java b/src/java/com/threerings/presents/dobj/DObject.java index 61da46613..8c940393d 100644 --- a/src/java/com/threerings/presents/dobj/DObject.java +++ b/src/java/com/threerings/presents/dobj/DObject.java @@ -1,5 +1,5 @@ // -// $Id: DObject.java,v 1.41 2002/03/19 01:10:02 mdb Exp $ +// $Id: DObject.java,v 1.42 2002/03/20 03:19:51 mdb Exp $ package com.threerings.presents.dobj; @@ -178,6 +178,27 @@ public class DObject ListUtil.clear(_listeners, listener); } + /** + * Provides this object with an entity that can be used to validate + * subscription requests and events before they are processed. The + * access controller is handy for ensuring that clients are behaving + * as expected and for preventing impermissible modifications or event + * dispatches on a distributed object. + */ + public void setAccessController (AccessController controller) + { + _controller = controller; + } + + /** + * Returns a reference to the access controller in use by this object + * or null if none has been configured. + */ + public AccessController getAccessController () + { + return _controller; + } + /** * At times, an entity on the server may need to ensure that events it * has queued up have made it through the event queue and are applied @@ -262,9 +283,10 @@ public class DObject /** * Checks to ensure that the specified subscriber has access to this * object. This will be called before satisfying a subscription - * request. By default objects are accessible to all subscribers, but - * certain objects may wish to implement more fine grained access - * control. + * request. If an {@link AccessController} has been specified for this + * object, it will be used to determine whether or not to allow the + * subscription request. If no controller is set, the subscription + * will be allowed. * * @param sub the subscriber that will subscribe to this object. * @@ -273,14 +295,19 @@ public class DObject */ public boolean checkPermissions (Subscriber sub) { - return true; + if (_controller != null) { + return _controller.allowSubscribe(this, sub); + } else { + return true; + } } /** * Checks to ensure that this event which is about to be processed, - * has the appropriate permissions. By default objects accept all - * manner of events, but certain objects may wish to implement more - * fine grained access control. + * has the appropriate permissions. If an {@link AccessController} has + * been specified for this object, it will be used to determine + * whether or not to allow the even dispatch. If no controller is set, + * all events are allowed. * * @param event the event that will be dispatched, object permitting. * @@ -289,7 +316,11 @@ public class DObject */ public boolean checkPermissions (DEvent event) { - return true; + if (_controller != null) { + return _controller.allowDispatch(this, event); + } else { + return true; + } } /** @@ -648,6 +679,10 @@ public class DObject /** A reference to our object manager. */ protected DObjectManager _omgr; + /** The entity that tells us if an event or subscription request + * should be allowed. */ + protected AccessController _controller; + /** A list of outstanding locks. */ protected Object[] _locks;